In 2022, protecting your privacy and online activities is not optional.
Everything you need to start hacking is available for free online, and by "online" I mean the "regular web" like YouTube tutorials or blogs, not the dark web or whatever hidden black markets people go to buy illegal stuff or just for the thrill. I don't see many encouraging trends, though:
In other words, becoming a script kiddie keeps getting easier, which might put a lot of people at risk, especially those who are aren't cybersecurity-aware yet. In my experience:
Your home network is not a safe place by default. You'd be surprised by the intruders' motive, which is mostly money but not only. The "because I can" argument can be the only reason, and don't assume your attacker will have any moral limits.
Don't believe hackers only target public WiFi. While it's true that MITM (Man in The Middle) attacks often happen in such favorable conditions, there are complete documentations online to hack misconfigured networks, including wireless connections.
Be also aware that script kiddies will likely attack the easy preys, as a pragmatic approach. Reused passwords, default settings, weak encryption, or misconfigured connections will make you pretty vulnerable.
Securing wireless networks (e.g., WiFi, Bluetooth) is a bit challenging, even for tech savvies. Free tools such as Aircrack-ng and many other combined with wordlists such as Rockyou can be used to crack weak Wifi passwords in minutes. Wireshark provides deep analysis and monitoring for various kinds of networks, including wireless connections.
It's not exactly like pushing the "hacking button" and breaking into the victim's computer but there are comprehensive tutorials on YouTube that explain the operation step by step.
The current threat landscape is growing fast and bad actors are even open-sourcing their databases and scripts. Advanced tools, frameworks, and distributions for hacking are available for free.
You need very little knowledge to use this arsenal. However, even if hackers are always a few steps ahead, defenders are getting better too.
The big concern is that many users neglect essential aspects of their privacy and security for more convenience or cheapest entertainment, which makes them preferred targets.
I've also noticed some security nihilism with the rise of zero click attacks and the huge security flaws revealed in big platforms (e.g., Facebook leaks, supposed NSA backdoors, etc), like there's nothing you can do in the end.
Don't give up. While experienced hackers have managed to break 2FA (2-factor authentication) and MFA (Multi-factor authentication) in specific conditions, it's still a massive pain for most kiddies.
Security hygiene is less and less sufficient but it's necessary:
The more you read, learn, and practice, the more layers you will add to your defense to lift common threats and protect your privacy.
Originally published here.